Millions of the most popular Smartphone company world over, Samsung, have been exposed to attacks because Samsung forgot to renew its domain that is used to manage a stock application that is installed on older phones. This much was revealed by security experts.
Older Samsung Smartphone users would probably have a stock app whose function is to recommend other well-known applications named S Suggest installed on it. The firm stated that it ceases from using S Suggest back in the year 2014, it also said that it recently allowed one of the domains used to manage the application to run out, this was according to a security expert that inherited the domain.
The singular action of allowing the domain to expire gave just anyone an access to gain access to millions of Smartphone’s, also it empowers them to promote dangerous applications into them. This much was made known by Joao Gouveia who happens to be the chief technology officer at Anubis Laboratories. He said that he gained control of the domain on Monday.
Samsung has, however, come out to discredit the expert’s claims, They said that even though the domain was taken over, control of it does not give you access to install unwanted and malicious applications, it doesn’t give you control over the users’ device.
Gouvela, however, said that within 24 hours, he saw 620 million check-ins from over 2 million devices. S Suggest has a lot of permissions, including resetting the device from a remote location and then installing packages or applications. What this means is that someone with evil intent could have gotten that domain and do terrible things to the device.
If a hacker with bad intents had taken over the domain, he or she could have easily forced malicious and dangerous applications to the users of millions of Samsung phones. This was according to a statement by Ben Actis, a private security expert that specialises on Android. According to him, Samsung messed up because the application can be used to install other applications.
He went on further to say that since Samsung has lost the domain, someone with bad intent could easily install anything he likes on it. Although since the domain is with Gouveia, Samsung users with S Suggest can rest assured that they don’t have anything to worry about. it is even more encouraging to know that he is willing to give back the domain.
It should, however, be noted that matters could have turn out worse. It is even more confusing why Samsung would risk being hijacked by hacked who could continue running services hitherto not used. This embarrassment comes barely a few weeks after revealed that Tizen which is the new operating system by Samsung was full of so many bugs that it was described as the worst code ever.
It should, however, be noted that these loopholes as identified have not yet been confirmed by the company in question and as such remain just speculations, furthermore, if it is truly a high-risk event, it should be rectified by Samsung sooner than later.